- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 1-888-847-8766
Overview
By mapping IT controls against predefined policy content, McAfee Policy Auditor helps you report consistently and accurately against key industry mandates and internal policies across your infrastructure or on specific targeted systems. Policy Auditor is an agent-based IT audit solution that leverages the Security Content Automation Protocol (SCAP) to automate the processes required for internal and external IT audits.
Streamlined deployment and management — The McAfee ePolicy Orchestrator (ePO) platform provides easy Policy Auditor deployment, and simplified reporting and compliance management.
Flexible policy formation — Within minutes, Policy Auditor allows for the creation of new policies designed by you, set by corporate governance, or from authoritative sites such as Federal Desktop Core Configuration (FDCC). Real-time audits and controls for setting the frequency of data capture deliver timely information for compliance.
Predefined templates and controls — Policy Auditor comes with predefined benchmark templates and the ability to ensure protection of the business by employing blackout windows that halt data capture during key business periods.
Features & Benefits
Streamline proof of compliance
Use prebuilt policy templates that eliminate manual effort and demonstrate adherence to key industry mandates and internal governance policies, including PCI DSS, SOX, GLBA, HIPAA, FISMA, and the best-practice frameworks ISO 27001 and COBIT. Policy Auditor includes a purpose-built PCI dashboard that delivers a consolidated view of the state of compliance by PCI requirement/control.
Receive unprecedented integration with McAfee ePO and Vulnerability Manager
Use McAfee ePolicy Orchestrator (ePO) software to lower cost of ownership by consolidating endpoint security management and compliance management, easing agent deployment, administration, and reporting. Integration with McAfee Vulnerability Manager enables organizations to consolidate agent and agentless audits.
Get the latest standards in compliance validation
Keep updated on compliance standards. Security Content Automation Protocol (SCAP) validation by the National Institute of Standards and Technology (NIST) enables agencies to comply with the Federal Desktop Core Configuration (FDCC) standard.
Customize and extend Policy Auditor IT controls checking
Create rules from any scripting language supported by the system being audited to extend the check capabilities of Policy Auditor. Sample languages include VBScript, batch files, Perl, and Python.
Prevent disruption to critical business applications with blackout window
Set the frequency of data capture to support automated reports with accurate data. To prevent disruption to critical business applications, a blackout window lets IT operations block audit data capture during key business periods.
Get Fast, automated import of industry benchmarks
Download benchmarks from authoritative sites. Within minutes, view detailed security guidance to confirm regulatory compliance or design your own internal governance policies based on security community best practices.
System Requirements
Operating Systems
- Microsoft Windows 7
- Microsoft Windows Vista
- Microsoft Windows XP Pro
- Microsoft Windows 2000 (Advanced/Professional), 2003 (Enterprise/Standard), 2008
- Microsoft Windows XP, 2003, 2008 R1
- Red Hat Enterprise Linux 3.0
- Red Hat Enterprise Linux (AS, ES, WS) 4.0, 5.0, 5.1
- MAC OS X 10.4, 10.5
- HP-UX (RISC) 11iv1, 11iv2
- AIX (Power5, Power6) 5.3 TL8 SP5, 6.1 TL2 SP0
Demos / Tutorials
McAfee Continuous Compliance
Use a single solution and achieve continuous compliance with McAfee Configuration Control.
McAfee Risk & Compliance
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
Tutorials
Customer Stories
CSTISA
CSTISA uses McAfee ePolicy Orchestrator (ePO) software as a primary sales tool to sell McAfee Endpoint Protection solutions.
Highlights
- Supports year-over-year scalability and business continuity
- Helps build trust as an IT security advisor to customers
- Provides expert service to customers, from sales and installation through ongoing support
- Allows expansion into new markets, such as cloud security services
Intelsat
Intelsat trusts McAfee to protect user and network devices globally.
Highlights
- Protected a diverse environment from internal and external threats, including the inherent risks of a fluctuating population of 250 to 500 contractors
- Managed the entire server system with 1.5 full-time employees (FTEs)
- Reduced solution cost by 75% over a la carte purchases from separate vendors
- Standardized a security environment that previously required five vendors
- Complied with regulations, including SOX, HIPAA, and Department of Defense (DoD)
James Tower
McAfee keeps James Tower secure and compliant with industry regulations.
Highlights
- Reduced time required to push out the most current security and virus patches to minutes, rather than hours or days
- Used to apply patches, updates, settings, and other security measures consistently across all systems
- Dramatically reduced audit time as well as time to build and maintain servers
- Provided fast, accurate profiling of all systems
- Facilitated decision making through a centralized, consolidated dashboard and robust reporting
Scottrade
Scottrade partners with McAfee to secure customer data.
Highlights
- Eliminated network vulnerabilities and protected customer information
- Improved monitoring and control of workstations and servers via a single management console
- Streamlined and accelerated security management and vulnerability assessment
- Simplified deployment, patches, and upgrades
- Helped Scottrade garner multiple awards for customer satisfaction and IT excellence
News / Events
News
- McAfee Unveils the First Situational and Risk Aware SIEM
April 24, 2012Topics : Risk & Compliance, Security Management, SIEM
- McAfee Named a Finalist in 15 Categories of SC Magazine 2011 Awards
November 11, 2010Topics : Email & Web Security, Risk & Compliance
Events
No results foundOn Demand
No results foundResources
McAfee Policy Auditor Software
For a technical summary on the McAfee product listed above, please view the product data sheet.
Solution Briefs
White Papers
Community
Forums
No results foundBlogs
- NCCDC 2013 – Red Team Recap
Jim Walter - May 07, 2013
This past April (4/19 to 4/21) I had the great pleasure and experience of joining the Red Team at 9th NCCDC competition. It was actually my 2nd year on the Red Team and 4th year to attend in total (I judged in 2010 and 2011). McAfee is actually a perpetual Read more... - RDP+RCE=Bad News (MS12-020)
Jim Walter - March 14, 2012
See March 15 and 16 updates at the end of this blog. —————————————————- The March Security Bulletin release from Microsoft was relatively light in volume. Out of the six bulletins released, only one was rated as Critical. And for good reason. MS12-020 includes CVE-2012-0002. This flaw is specific to the Remote Desktop Protocol (RDP) present on Read more... - An Update on DNSChanger and Rogue DNS Servers
Jim Walter - March 06, 2012
In late 2011, the FBI released documents and data focusing on “Operation Ghost Click.” This malicious operation, leveraging a variety of DNSChanger-type malware, was defined by the FBI as an “international cyber ring that infected millions of computers.” Associated malware samples and events can be traced back several years, and multiple platforms were targeted. To this day many remain Read more... - McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
David Marcus - February 21, 2012
Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date. Malware The overall growth of PC-based malware actually Read more... - Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - September 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more...